CVE-2017-5597
25.01.2017, 21:59
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.Enginsight
| Vendor | Product | Version |
|---|---|---|
| wireshark | wireshark | 2.0.0 |
| wireshark | wireshark | 2.0.1 |
| wireshark | wireshark | 2.0.2 |
| wireshark | wireshark | 2.0.3 |
| wireshark | wireshark | 2.0.4 |
| wireshark | wireshark | 2.0.5 |
| wireshark | wireshark | 2.0.6 |
| wireshark | wireshark | 2.0.7 |
| wireshark | wireshark | 2.0.8 |
| wireshark | wireshark | 2.0.9 |
| wireshark | wireshark | 2.2.0 |
| wireshark | wireshark | 2.2.1 |
| wireshark | wireshark | 2.2.2 |
| wireshark | wireshark | 2.2.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References